Enhanced Mitigation Experience Toolkit (EMET) 3.5 features new defenses inspired by finalist Ivan Fratric, a researcher at the University of Zagreb in Croatia. The other finalists are Jared DeMott, a security researcher employed by Florida-based Harris Corp., a major defense and aerospace contractor, and Vasilis Pappas, a Ph.D. student at Columbia University.

Microsoft will announce the winners late Thursday at the Black Hat security conference, which kicked off today in Las Vegas and wraps up tomorrow.

"If nothing else the EMET update shows they are committed to taking these ideas and acting on them," said Andrew Storms, director of security operations at nCircle Security, in a Wednesday interview conducted via instant messaging.

EMET, designed for enterprise IT workers and advanced users, lets them manually switch on Windows anti-exploit defenses, such as DEP (data execution prevention) and ASLR (address space layout randomization) for specific applications.

The toolkit is often used to harden older programs and has also been recommended by Microsoft as stop-gap protection. In March 2011, for example, Microsoft told Office customers to run EMET to until Adobe patched a bug in Flash.